General

  • Target

    bot_RAT (1).exe

  • Size

    70.3MB

  • Sample

    240829-xy78jsyeqp

  • MD5

    0398b7de1ec53614ff93de0cf73c2cbf

  • SHA1

    730ebb7a819734b88239a0c9d96e7a5556ad8981

  • SHA256

    d8f646ea55f46d2eedd074d54405a896e77563e310d43ae490eb2f971b72b36a

  • SHA512

    246ffd49d49ef79b4d7b62764e1a8fee1be72b3b4b442307632c0fe8a0074d4e5567b5471482984bbe8ea84045af2f3232ae8f80887a53000e99b761b1d8ca47

  • SSDEEP

    1572864:8RWMQoWGgFP/V4f6Gj53ikjt4jRq2GqFOPV5GiIY2qHWB75iVfaLu7/K:8UMffgt/VG6RmtCRlGPrcY2qHO5iVfaL

Score
7/10

Malware Config

Targets

    • Target

      bot_RAT (1).exe

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks